The difference between random and urandom on Linux

项目使用AES加密，结果WIN下一切正常，但是Linux下每次密文都不同。

 

kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(key.getBytes()));

 

http://forums.sun.com/thread.jspa?threadID=5298375

 

the key:

 

 * By default Linux/Solaris are using NativePRNG algorithm
 * under Java5 which is incomparable with SecureRandom generation
 * used in this code.
 
 * Windows Java5 as well as Windows and Linux/Solaris under Java 1.4
 * are using SHA1PRNG SecureRandom algorithm.
 * 
 * To fix this issue and force Java5 under Linux/Solaris uses SHA1PRNG
 * instead of NativePRNG do the following:
 * 
 * edit the file java.security located at
 * <your java installation directory>/jre/lib/security/java.security
 * 
 * find the line:
 * securerandom.source=file:/dev/urandom
 * commet it out and insert the new line
 * securerandom.source=file:/dev/random



When read, the /dev/random device will only
return random bytes within the estimated number of bits of noise in the
entropy pool. /dev/random >should be suitable for uses that need
very high quality randomness such as one-time pad or key generation.
When the entropy pool is empty, reads >from /dev/random will block
until additional environmental noise is gathered.

A read from the /dev/urandom device will not block waiting for more entropy. As a result, if there is not sufficient entropy in the entropy pool, the >returned values are theoretically vulnerable to a cryptographic attack on the algorithms used by the driver. Knowledge of how to do this is not available >in the current non-classified literature, but it is theoretically possible that such an attack may exist. If this is a concern in your application, use >/dev/random instead.